On Fri, 2006-04-21 at 18:50 -0700, Filippos Klironomos wrote: > Only thing I can think of is /etc/hosts.allow and /etc/hosts.deny file > that the tcpd daemon uses for > additional security. Maybe there is a strict definition on which > connections should go through. > > Also why don't you use tcpdump to see what is going on in the incoming > traffic on the machine. Maybe > increase the log level of the kernel by > > /sbin/sysctl -w net.ipv4.netfilter.ip_conntrack_log_invalid=1 > > to see what is dropped and why. > > Filippos > Is there a reason you are sending what appears to be encoded binary to the mailing list? The below is only a part of your message. Jeff --===============1981184131== Content-Type: multipart/alternative; boundary="----=_Part_31304_3263355.1145670621599" ------=_Part_31304_3263355.1145670621599 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: base64 Content-Disposition: inline T25seSB0aGluZyBJIGNhbiB0aGluayBvZiBpcyAvZXRjL2hvc3RzLmFsbG93IGFuZCAvZXRjL2hv c3RzLmRlbnkgZmlsZSB0aGF0CnRoZSB0Y3BkIGRhZW1vbiB1c2VzIGZvcgphZGRpdGlvbmFsIHNl Y3VyaXR5LiBNYXliZSB0aGVyZSBpcyBhIHN0cmljdCBkZWZpbml0aW9uIG9uIHdoaWNoIGNvbm5l Y3Rpb25zCnNob3VsZCBnbyB0aHJvdWdoLgoKQWxzbyB3aHkgZG9uJ3QgeW91IHVzZSB0Y3BkdW1w IHRvIHNlZSB3aGF0IGlzIGdvaW5nIG9uIGluIHRoZSBpbmNvbWluZwp0cmFmZmljIG9uIHRoZSBt YWNoaW5lLiBNYXliZQppbmNyZWFzZSB0aGUgbG9nIGxldmVsIG9mIHRoZSBrZXJuZWwgYnkKCi9z YmluL3N5c2N0bCAtdyBuZXQuaXB2NC5uZXRmaWx0ZXIuaXBfY29ubnRyYWNrX2xvZ19pbnZhbGlk PTEKCnRvIHNlZSB3aGF0IGlzIGRyb3BwZWQgYW5kIHdoeS4KCkZpbGlwcG9zCgpPbiA0LzIxLzA2 LCBEZWJiaWUgRGV1dHNjaCA8ZmVkb3JhbGlzdEBkZGV1dHNjaC5vcmc+IHdyb3RlOgo +Cj4gUGVy Jeff > On 4/21/06, Debbie Deutsch <fedoralist@xxxxxxxxxxxx> wrote: > Perhaps someone can help me with this problem. I have > sendmail running > on an FC5 system.* It works to the extent that I can send > email from > that system to other systems in other domains. The problem is > that > other systems cannot initiate a connection to it. Here are > the key > facts that I have been able to confirm: > > > - I previously edited the sendmail.mc file to be sure it is > listening on > port 25 and did a make to update sendmail.cf. Then I stopped > and > restarted sendmail. > > - Sendmail is definitely running. > > - Both netstat and nmap confirm that the system *is* listening > on port > 25, as it should be. > > - When I attempt to telnet to port 25 the connection fails. > However, > telnet definitely is running. I can telnet to the host > without > specifying a port and successfully communicate with the telnet > server. > On the other hand, when I try to telnet to port 23 (where > netstat and > nmap confirm that the telnet server is listening), I get the > same error > as when I try to telnet to port 25. I have tried this from > multiple > hosts on my LAN, all with the same results. > > - In an effort to rule out firewalls as a possible source of > the > problem, I disabled selinux completely and stopped > iptables. (I did not > see anything in iptables that should block port 25 but I > wanted to be > sure it was not the source of the problem.) > > - All of the above testing was done on my LAN. The traffic > did not > traverse my hardware router/firewall. In any case, the > firewall is > configured to not block port 25. (I had sendmail running > successfully > before, on an old system that finally went belly-up.) > > - As noted above, I can successfully send mail that requires > sendmail to > connect to another smtp server that is outside my LAN. > > All of this makes me think that there is some firewall-like > thing going > on where outbound smtp connections are okay but smtp sessions > that are > initiated by another host are not. The behavior with telnet > connections > only working if the port is not specified baffles me. With > selinux and > iptables turned off, I am out of ideas. Any suggestions? > > TIA, > > Debbie > > *32-bit FC5 running on a 64-bit system because 54-bit FC5 > installs but > won't boot completely. You may remember the recent thread... > > -- > fedora-list mailing list > fedora-list@xxxxxxxxxx > To unsubscribe: > https://www.redhat.com/mailman/listinfo/fedora-list > > -- > fedora-list mailing list > fedora-list@xxxxxxxxxx > To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
